Top 3 Malware Facts to Get Your 2021 Game Plan of Action

Top 3 Malware Facts to Get Your 2021 Game Plan of Action

1. Even with more training than ever before, business-disrupting ransomware attacks nearly doubled in 2020. Hackers are getting savvy to the remediation techniques and barraging ransomware artillery at every turn.
2. The number of malware sites is at its lowest point since 2007. So, you’re fine right? WRONG! At the same time, we’re now dealing with an alarming increase in phishing sites. These sites are attempting to trick you into entering your passwords, credit card numbers, etc. The attempts are never thwarted, they just morph into a new form and appearance to mislead and present a false sense of awareness that the threats have been mitigated.
3. SonicWall identified 439,854 “never-seen-before” malware variants. Although less malware was detected in 2019 versus 2018, a larger portion of the malware detected, presented itself in a new form and strain. There were 12.3% more new variants detected in 2019.

These statistics present a world in which the culprits of criminal cyber hacking show their true colors. When poked, they may appear to back off, however they just morph into a new predicament that can exhaust a novice opponent. At TimbukTech, we are not scared of these attempts, they are in our line of fire daily and we have tools and experience to fight them. Your business will benefit from our engineers and technicians who have the experience, education, and wherewithal to keep your business safe.

So how do avoid ransomware and attacks? Call TimbukTech today, we can arm you with training, firewalls, anti-malware software and systems, and a proactive, managed approach to your security.

Source: https://www.comparitech.com/antivirus/malware-statistics-facts/


Windows 10 – Boost Your User Experience

Everyone likes to have their own unique spin on the layout and navigation of their workspace. Being able to customize what used to be a wrote, stagnant user interface is definitely a thing of the past. Recent updates to Windows 10 make utilizing specific enhancements to make your digital experience more efficient and tailored to your subjective imagination, a pleasure to peruse.

You can pin frequently visited sites to your task bar to visit quickly instead of having to remember the URL by name. Also utilizing the ALT + TAB functions enables you to switch between the windows you have open for quick access. Most of these features are located under the Settings option and can truly individualize your features for ease of use and time enhancements.

If you take some time to review the options available, you can pinpoint the most important highlights such as activating the Windows Hello feature to add layered security to sign-ons or utilize the Windows Magnifier to read text aloud, allowing you to multi-task. Utilizing various functions within the Display module can help adjust for our eyesight, while the Snip & Sketch tool can be a great asset for communicating with co-workers and clients in a new way, see the example below:

As you can see, we’ve snapped a picture from our website and highlighted the service we wanted to share with the end user. This can quickly give a person the information they need instead of wasting time trying to explain things over the phone and can be especially helpful for guiding your clients to specific information points on your website, document or screen.

Take some time to review the various Settings options on Windows 10 and see how it can begin to help make your life a little easier. In today’s information overload, it could help increase the most valuable asset to our workday – the gift of time. TimbukTech is your resource for efficient, secure tools and information, your partner for business success.


Endpoint Protection for the Deep/Dark Web

In our last newsletter, we introduced you to the dark web and provided a definition for the purposes and activities flourishing there. In this issue, we’d like to address the important of antivirus and keeping updates active from the server/cloud to all endpoints. If you’re not already utilizing an automated tool, chances are there could be potential problems lurking in your network.

Creating a safe browsing environment depends on several different factors including education on the do’s and don’ts of internet/email protocols, cyclical login/password modification to commonly visited sites and most importantly – great layered and segmented security for your networking environment. Implementing a rigorous antivirus solution means more than just warning you of a potential website that is missing an SSL (Secure Sockets Layer) that encrypts traffic from one device to another.

Sophisticated antivirus protection has become a multi-faceted resource for users who have information stored on the deep web, which includes everyone. Whether you are accessing financial information, legal documents, or any private online information, you are already entrenched in the deep web. With this in mind, you need security tools that can address all the potential pitfalls they present.

Security features like the following can identify surreptitious predators:

• immediate notifications that a potential threat exists, prompting immediate diagnostics
• deep machine learning that can sense a bot attack and where its locus might exist
• rapid remediation techniques that alert our response team to a threat
• automated reporting for future learning and trend comparisons

If you are not set-up with one or more of these heightened security features, TimbukTech can be your resource for navigating the world of deep/dark web environments. We work with you to provide a full-scale, turnkey solution for the best possible outcomes in your fight for private information protection for your business and your clients.


Are you PCI compliant?

What is the Dark Web?

The dark web is source for users who want to be able to communicate without having their identity known. There are a variety of activities that occur on the dark web that range from illicit and illegal to protected sites that serve as safe spaces for whistleblowers to remain anonymous. The dark web, as indicated by the name, can serve as a place where users can buy information, contraband, and carry out other nefarious activities.

Criminals can buy usernames and passwords, credit card information, bank accounts, social security numbers, etc. – all leading to a network of what should be private and protected information that could belong to you, your family, your co-worker, your company or anyone that has been an unknowing victim of cyber activity. This underground network can destroy and damage lives and wreak havoc for your company and cause weeks of business interruption if a ransomware attack is engaged.

The users move their connecting information through various encrypted servers and networks, undetectable by most policing agencies. Authorities are gaining momentum and catching some felonious groups and individuals, yet that prompts others to close-up shop and start another illegitimate organization elsewhere – they just keep moving and changing information to avoid capture.

TimbukTech offers a deep web scan that can identify if your network has been or is vulnerable to attacks by cyber criminals who will sell your private information to the highest bidder. Part of staying proactive in your network is taking the time to understand who might be lingering silently in the background, just waiting for a susceptible moment. After our scan is initiated, we can then diagram a healing strategy, utilizing various platforms that offer network security and evergreen techniques that set your security risk as low as possible in this ever-changing environment.


Email Spoofing

Email security – COVID 19 Spoofing Attempts

Of particular interest regarding email security, is the ever-increasing amount of spoofing attacks dressed in sheep’s clothing, posing as informational emails regarding COVID 19 news and updates. However, lurking beneath the surface is a criminal’s attempt to lead a user away from their usual skepticism and lure them by playing on their fear and vulnerability in this unusual time in history.

Now is the time to be on high alert in training your staff to be aware of the soft and subtle tactics used by hackers to mentally sway a user to let down their guard. Are you training your staff on a continual basis on what to look for in a possible phishing email? Are they aware of the common elements used to make an email look like it came from a trusted source? Utilizing a phishing simulator can be an excellent tool to continually test your users to ensure they are on alert and being mindful of possible threats that occur in email.

Increasingly important is identifying users in your network that receive a large amount of email. When having to wade through lots of email, it can become easy to blindly open a spoofed email when in a hurry and on the go. Being busy is part of life these days, yet this is where criminals know how to take advantage of weakened sensitivity to the exposure. Don’t let you team fall victim to this tactic!

Other mitigating factors to ensure you have proper protection include ensuring you have proper security measures in place for your servers, segmentation of user profiles and their ability to access only the necessary information for their role, and deep learning security platforms that heal your vulnerabilities as you go, while learning for the next threat that is lurking – all effectuating a zero-trust workplace security master plan. TimbukTech is your resource for game plan action!


Aware and Alert

Employee Awareness - Are Your Employees Trained to Spot a Threat?

Employees are the core of any business – they are also the main target for cyber criminals and malicious activity. Social engineering deceives a user into taking an action through psychological manipulation. As employers, it is imperative that your staff understand the tactics cyber criminals use as their standard practice to defraud. Security awareness training is a key component of everyday business that is often overlooked or forgotten completely.

Securing your physical access to your company door is multi-layered with locks, keys, alarms, badges, etc. – shouldn’t your network deserve the same amount of attention regarding its potential risk of breach? It’s no longer just about securing cyber criminals from outside your organization, it’s also about the inside. With layered security, the likelihood of a breach becomes low by segmenting access – both outside and inside your network – paired with authentication tools, DNS and endpoint protection – all creating a zero-trust environment that doesn’t allow anyone in your network just because they happen to work there by default.

Then, training your staff to know what to look for, how to spot a hustle, and awareness of the latest threats keeps the lines of defense strong and steady. Training and ongoing continuing education must be part of your human resources regimen for a healthy company to succeed. Human error is the #1 factor that causes data breaches to occur – making sure your employees are educated on potential risks will pivot your greatest company vulnerability into your company’s greatest asset! The threat landscape is constantly evolving, in turn so should your approach be to defense.


One-Two Punch

Data Backups - Crucial to Winning the Fight Against Disaster Recovery Pitfalls

Have you ever stopped to think about the catastrophic circumstances you might find yourself in if you lost your company data to cyber activity, power outages or a natural disaster? The value of your individual business data is critical for everyday operations, making it impossible to attach a price tag, until you find yourself in this situation – then the insurance companies will decide for you.

What about taking the strategic route – have you developed an emergency disaster plan? Backups are often overlooked when putting together the details when only focusing on physical loss. Data loss can become a devastating part of your business if there is no way for retrieval in the event of an emergency.

At TimbukTech, our goal is to prevent ANY disruption of service, no matter what the crisis. Our team has assisted many organizations in the creation and development of emergency disaster plans that allow for quick access to company resources even after the interruption. Good insurance policies allow for business interruption coverage, however that means nothing if you have not allocated the time and resources to recover business operations in a swift manner. Time spent doing this AFTER the event, is time wasted and revenue lost on picking up the pieces when everyone is looking to you for direction.
Preparedness is always the right answer – ALWAYS! Your backup plan will have you up and running even when the physical building is gone.


Time-saving Tips and Tricks

Helpful Tips and Tricks—Here are a few helpful keyboard shortcuts that can be utilized to make everyday tasks a little quicker and easier…or just for a fun change of pace away from your mouse:

Windows Key + L- This will lock your system when away from the computer

Multiple Browser Tabs- If you have multiple internet browser tabs open you can hit Ctrl + 1 to jump to the first tab, Ctrl + 9 will jump to the last tab.  You can also hit Ctrl + Tab to move thru all open browser tabs.

Ctrl + Shift +T – Recall the last closed browser tab closed without having to look up the page in browser history.

Ctrl + Z will undo any action

Ctrl + Y will redo any undo action

Ctrl + E jump to the end of a document

Ctrl + Home return to the beginning of a document

Need a quick calculator? Simply use your browser search bar to input your equation and hit Enter, this will open an in-browser calculator.


Password Management - Due Diligence for Continual Protection

Password Management—Passwords are an ever-growing necessity in both your personal and professional life. Unique passwords are user specific and are the “key” to accessing information from your Email account to your bank account. Nobody enjoys changing and remembering passwords, but we all need to stop and think of the purpose. Passwords are often given the least thought but can carry the biggest security implications without knowledge to the user. Do not make the bad guys life any easier. Avoid using the same password for multiple sites, think in terms of a hacker for a minute… If this password works on their Gmail account, what are the chances it works on this bank account??   Change passwords frequently, utilize industry best practices (at least 8 characters in length, utilize Upper case and lower-case letters, numbers, special characters).  Passwords also do not always need to be a single word, multiple words or phrases are sometimes easier to remember. Passwords are created specifically by you; help keep them that way by utilizing good password management practices. Remember it is much easier for intruders to enter if you leave the front door wide open.


Microsoft Licensing Compliance - TimbukTech Takes You There

Are you ready for a Microsoft licensing audit? Do you have an inventory system of how many machines have a certain software package that has been copied too many times without the proper licensing attached? Fines and penalties can make non-adherence a financial nightmare for those who choose to ignore the rules. The question is not, if you will have an audit, but when. TimbukTech can review all your devices and prepare a report outlining your compliance to date and move you toward reconciliation. Microsoft tends to look favorably on those who realize they have a problem and are working on rectification versus those who simply do not care.

Open licensing can be a great resource because it saves you money and offers the ability for software to be used for a certain number of users or machines, providing flexibility versus the off-the-shelf or OEM (original equipment manufacturer) versions. Open licensing is generally available for larger institutions such as government/healthcare/education and some non-profits. Volume licensing for commercial enterprises also offers the same flexibility with discounted pricing offering uniformity in platforms across your company along with the adaptability of a three-year support agreement.

Office 365 is a good example of the flexibility afforded in choosing the components of an employee workload and the software needed to do their job. Office 365 is customizable and provides support and tools available to assist the user in task completion. It also comes with the latest live updates and formatting changes that keep your team viable with modern equipment and resources. Windows is also available as a per user SAAS (software as a service) that will keep you in compliance.

The days of buying one software license and sharing it around the office are over. Microsoft is making it easier and more affordable everyday to have access to their product offering and services. Get on board and get your licensing ducks-in-a-row! We can help!